Proxmox Datacenter Manager 1.0 (stable)

[czechsys]

Why PDM use by default nicX variant as network interface name instead ensX as PMG, pve VMs etc?

When trying to add AD server, it doesn't work in anonymous mode - but almost the same PVE gui configuration is working, only one difference is a field for base_dn.

 

[drob-cnl]

Greetings! I have been testing PDM and its great so far! I did have a question/feature request to have the ability to restart VMs on nodes. I know you can shutdown/start VMs, but it would be nice to have service desk role with access to reboot VMs if necessary. Is this something that is possible or in the roadmap for PDM?

 

[t.lamprecht]

Hey, there are no release dates for the ALPHA and BETA releases on the fancy new-style C'LOG


https://pdm.proxmox.com/docs/roadmap.html#proxmox-datacenter-manager-0-9-beta
https://pdm.proxmox.com/docs/roadmap.html#proxmox-datacenter-manager-0-1-alpha

Thanks for noticing, fixed that in the git repo, will be released with the next version bump.
https://git.proxmox.com/?p=proxmox-...ff;h=c2559093adbd4a3f4195b16cc50f0e2b0596f329

 

[t.lamprecht]

Why PDM use by default nicX variant as network interface name instead ensX as PMG, pve VMs etc?

All the most recent installers of all our projects released this quarter include network interface pinning settings and pin by default to nicX. You can simply untick the "Pin network interface names" chechbox in the network step, or edit the pinned names to your own liking.

The reason for this is that systemd's interfacing naming is only predictable for a specific boot, i.e., it's not stable at all, and we frequently had issues with some specific setups getting their names changed (especially on major upgrades), and that's why we started to pin on installation and provide simple script for adapting existing ones; but in any case nothing specific to PDM or this release.

 

[t.lamprecht]

When trying to add AD server, it doesn't work in anonymous mode - but almost the same PVE gui configuration is working, only one difference is a field for base_dn.

Please open a dedicated thread for this providing more information about server/software and configs.

 

[czechsys]

Any option to have "cluster name" or alias for cluster in remotes? Having cluster hidden under hostname is little confusing...

 

[atromitos]

Hello Proxmox!

Thank you for releasing 1.0 PDM! So much needed product!

I just wanted to ask you a question with respect to this link: https://pdm.proxmox.com/docs/access-control.html, which mentions groups - how one can add a group access (and a group, for that matter) to PDM since in v1.0.1, in Access Control panel option, there is no Group add option nor option for setting Permissions for a group? The same exists only for a user (vs Cluster GUI where this option is present).

In addition, when adding a user by using the same panel option (Access Control ), the dialogue is the same for pam/pve and a remote auth source, meaning the dialogue requires that, in case of AD/LDAP, one must create a user password. I assume this is just temporary and will be fixed in the future releases?

Also, I would like to report a bug (or this might be a "feature" - I am not sure)". Let's say, that a user initiates a live migration from PDM. Once the user fills in all the fields necessary, a window will appear allowing the user to see details of the migration process. Let's assume that the user clicks on [X] and goes to Remotes --> some remote --> Datacenter to observe the migration process. In the right-hand pane, he would be able to see all the events that have occured in that datacenter. He is also able to select columns that he wants to see for events. If the user selects certain columns, he would be immediately able to see those selected columns. However, if he selects some other option in the pane, say, Dashboard and then goes again to Remotes --> some remote --> Datacenter, those columns that he previously selected will be lost, that is, not "saved".

My last question is more of UI-design nature - have you ever thought of replacing the spinning wheel (especially for live migrations) with a progress bar and a pecentage next to it? This would free the user of double-clicking on events in the datacenter to see details (unless he wants to know the details) ?

Thank you!

All the best and Happy Christmas to all people in Proxmox and the fellow users!

 

[sterzy]

Access Control panel option, there is no Group add option nor option for setting Permissions for a group? The same exists only for a user (vs Cluster GUI where this option is present).

You currently can't use groups yet. This is a mistake in the documentation. However, there is already an open request for this feature [1].

In addition, when adding a user by using the same panel option (Access Control ), the dialogue is the same for pam/pve and a remote auth source, meaning the dialogue requires that, in case of AD/LDAP, one must create a user password. I assume this is just temporary and will be fixed in the future releases?

Ah, yeah that should be cleaned up, sorry for that.

[1]: https://bugzilla.proxmox.com/show_bug.cgi?id=6883

 

[pavlos]

Do you plan to provide a script pdm-nag.sh (like pve-nag.sh) since the banner "No valid subscription" takes a lot of real estate? thank you.

 

[t.lamprecht]

Do you plan to provide a script pdm-nag.sh (like pve-nag.sh) since the banner "No valid subscription" takes a lot of real estate? thank you.

No, we do not provide any such scripts for PVE either and strongly recommend against installing any third party software, especially without carefully vetting it.

See the FAQ for how to get rid of these notices the legitimate way https://pdm.proxmox.com/docs/faq.html

 

[jsterr]

You can build a custom-view without the notification information but to be honest, Proxmox should include this in every view by default just to encourage people to buy a subscription!

 

[deimosian]

Enterprise-support available for existing customers with active Basic or higher subscriptions for their Proxmox remotes

It appears this is not really true, unless you also segregate your community subscription PVE servers and clusters.

Community subscriptions were advertised with enterprise repository access and denying it now is an abhorrent bait and switch.

Making people mix enterprise repo PVEs with non-subscription repo PDM is asinine.

 

[t.lamprecht]

Community subscriptions were advertised with enterprise repository access and denying it now is an abhorrent bait and switch.

That makes zero sense. The PVE Community subscription is for the PVE enterprise repo, not for the PDM one, just like it is not for the PBS one.
So absolutely nothing changed for existing PVE installations, besides you now being able to now also use PDM in addition, i.e. a new product that's again 100% open source too.

We certainly never promised that a PVE specific subscription will give you the included services also for future new products, so calling that a bait and switch is not only bogus but frankly rather disrespectful.

 

[Howard A2 Labs]

I'm in the same boat here. 100% subscribed but only 38% are subscribed enough so my PDM can't be updated anymore without switching to non-subscription repositories... despite it exclusively managing PVE servers which are using the enterprise repository.

If PDM was really a new product then I'd just be able to buy a subscription to it. That I could easily sell to management.

It being included in the existing products' subscriptions, makes it more of a new feature than a new product. I don't want to have to tell management we just wasted the money on all the community subscriptions we just bought. The whole point of buying them was to be able to keep the non-prod servers on the same repositories. If we can't manage them with the same PDM as the production cluster then there's not much point to using PDM at all.

The fact this doesn't seem incongruous to everyone involved on Proxmox's end is alarming to me.

 

[t.lamprecht]

It being included in the existing products' subscriptions, makes it more of a new feature than a new product. I don't want to have to tell management we just wasted the money on all the community subscriptions we just bought.

You certainly don't, contact our shop team or the partner you bought the subscriptions with, they are happy to help on the upgrade to our second-lowest (!), or higher, subscription tier.

The whole point of buying them was to be able to keep the non-prod servers on the same repositories. If we can't manage them with the same PDM as the production cluster then there's not much point to using PDM at all.

Having the majority of server non-prod is certainly not a common use case. And if running two PDMs is indeed not gaining you anything, then you indeed can just not run PDM at all and be off as well as before PDM existence, you're in no case worse off compared to before.

 

[Howard A2 Labs]

And if running two PDMs is indeed not gaining you anything, then you indeed can just not run PDM at all and be off as well as before PDM existence, you're in no case worse off compared to before.

Not running PDM isn't an option, it coming soon was the only thing that made Proxmox a viable platform for us to adopt at all.

Even if we ran two PDMs, one for the prod cluster (one remote, pointless) and one for the rest, we'd still have the issue of the second one being a non-subcription repo PDM managing all enterprise repo PVEs. This doesn't make any sense and is an avenue for weird version mismatch issues to crop up in the future.

You certainly don't, contact our shop team or the partner you bought the subscriptions with, they are happy to help on the upgrade to our second-lowest (!), or higher, subscription tier.

I'll reach out to the shop team and see what they can do, but either way it's a very large surprise bill I'll have to explain which is going to look bad on me as the Proxmox advocate here.

 

[wire2hire]

in the acme options the propogation time are different from the pve options. Example netcup need 600, only 48 can be set. so acme certs with netcup dont work .

 

[fabian]

in the acme options the propogation time are different from the pve options. Example netcup need 600, only 48 can be set. so acme certs with netcup dont work .

please open an issue in our bugzilla! thanks

 

[IsThisThingOn]

we recommend using tunneling (for example, WireGuard or OpenVPN) for hosts that must not be exposed directly to a non-private network.

I don't quite get the VPN approach here.
Especially considering how you do it for PBS already.

Would it not be simpler and easier to just use some kind of https or ssh with a fingerprint or valid certificate?
Setting up a WireGuard connection seems pretty overkill IMHO.

 

[sterzy]

Would it not be simpler and easier to just use some kind of https or ssh with a fingerprint or valid certificate?
Setting up a WireGuard connection seems pretty overkill IMHO.

Maybe you misunderstood? This is not a general requirement. PDM uses the REST API of all remotes, so no SSH is involved. HTTP connections are secured via HTTPS/TLS. HTTPS certificates are verified by PDM either by fingerprint that will be saved when configuring a remote or via the trusted certificates on your PDM host.

So yeah, it is not *necessary* to configure a VPN between PDM and the remotes. However, if you cannot expose the remotes into the same network that the PDM is hosted in, then you could use a VPN to work around that. Meaning, if PDM cannot by default directly connect to the remotes, a VPN can help work around that.

Does that make sense?